77b892b6ce85a01f14da396040b04e6e[.]zip | Triage

Sharing

General

Target

77b892b6ce85a01f14da396040b04e6e.zip
Size

405KB
MD5

d91a869258d53bb632b3f7e7c6bddd74
SHA1

e7d1239273b79a2eead71c1122dd6705c70f4e9f
SHA256

8d95ec47526e384aee49f09ecbdd475fe66510a638056d1e0080f56ee6746d6e
SHA512

f1b0564dd89dd7d557a628df7235f77a7232b48ddcfdc7fc80e68b90af0cfe2b23199e5b058abc5f191631fd672b45ec13d07359c262fd4260296bb8c98bc30a
SSDEEP

12288:q3FEYT2n4OS70xO8D7UobdMKWrSynTJI4rr0F:q3FwiahnQvn9JvG

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/6e5fa283b88a994183b4a705d77bebc77313158b5735001141e82cee2ad8e444	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/6e5fa283b88a994183b4a705d77bebc77313158b5735001141e82cee2ad8e444

Files

77b892b6ce85a01f14da396040b04e6e.zip
.zip

Password: infected
6e5fa283b88a994183b4a705d77bebc77313158b5735001141e82cee2ad8e444
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 264KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bldvar
Size: 38KB - Virtual size: 196KB

BSS
Size: 12KB - Virtual size: 192KB